Category: krebsonsecurity
-
How to Lose a Fortune with Just One Bad Click
How to Lose a Fortune with Just One Bad Click Image: Shutterstock, iHaMoo. Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and…
-
U.S. Offered $10M for Hacker Just Arrested by Russia
U.S. Offered $10M for Hacker Just Arrested by Russia In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “Wazawaka,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information…
-
Why Phishers Love New TLDs Like .shop, .top and .xyz
Why Phishers Love New TLDs Like .shop, .top and .xyz Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration…
-
Hacker in Snowflake Extortions May Be a U.S. Soldier
Hacker in Snowflake Extortions May Be a U.S. Soldier Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains at large and continues to publicly extort victims. However, this…
-
Feds Charge Five Men in ‘Scattered Spider’ Roundup
Feds Charge Five Men in ‘Scattered Spider’ Roundup Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass, MailChimp, Okta, T-Mobile and Twilio. A visual depiction of…
-
An Interview With the Target & Home Depot Hacker
An Interview With the Target & Home Depot Hacker In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Moscow resident Mikhail Shefel, who confirmed using the Rescator identity in…
-
Fintech Giant Finastra Investigating Data Breach
Fintech Giant Finastra Investigating Data Breach The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than…
-
Microsoft Patch Tuesday, November 2024 Edition
Microsoft Patch Tuesday, November 2024 Edition Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today. The…